blog post

By: Laura BernheimPosted: September 12, 2016

Follow "The Hosting Blog" daily as hosting experts, programmers, and tech managers go in depth on a variety of tech-related topics.

TL; DR: Let’s be honest — most site owners don’t have the IT expertise to adequately protect their websites from security threats. While they might know that speedy page loads help business, they don’t have a clue how to make it happen. In light of this, industry-leading security and optimization company CloudFlare continues to evolve with the latest threats, standards, and technology. Now offering IPv6, HTTP2, and Server Push, along with a new WordPress plugin, web application firewall, and Universal SSL licenses, CloudFlare touts products that make a major difference with minimal effort from site owners and hosting providers alike.

It’s no secret that site owners typically don’t think about security until it’s too late. Even if they know about the importance of having a secure and stable website, they might not know the best or most current practices to keep their site safe.

The same can be said for a site’s performance and optimization, which can have drastic effects on a business’s revenue, according to CloudFlare Partner Account Manager Ashley Gorringe.

“A lot of people don’t think about these issues, particularly around DDoS, until they’re actually under attack,” he said. “In many cases, new customers are coming to us as a reactive measure.”

CloudFlare, which established themselves as leaders behind a next-generation CDN, lightning-fast DNS, and comprehensive threat protection, continues to churn out new features that make security and performance easier to achieve right from the start.

“We’re focused on making life easier for hosts and their end customers. Most site owners using CMS platforms like WordPress or Magento aren’t that technical,” Product Manager of Partnerships Rahul Mahajan said. “With CloudFlare’s new plugins for WordPress and Magento, we’re making optimizing and securing their websites 1-click simple, so they can focus on their blog or business and not have to worry about the technical details.”

Classic CloudFlare: CDN, Optimization, DDoS, DNS, & Security

CloudFlare enhances web performance with both a state-of-the-art CDN that places static content closer to site visitors and several web content optimization products.

On the product front, some of our favorites include:

Rocket Loader minimizes the number of network connections.

Polish and Mirage optimize images.

Railgun accelerates dynamic content that was previously uncacheable.

With roughly 90 datacenters spread across the globe, CloudFlare’s CDN makes sure customers’ websites are always available and performing at their best.

“We have that constant drumbeat of all our new datacenters that we’re launching,” Ashley said. “It’s a great way for us to talk to and reach new geographical markets.”

CloudFlare’s network boasts datacenters in nearly 90 locations.

The company’s strong network, proprietary software, and custom-built hardware means that DDoS attacks — escalating in both size and frequency in the last few years — aren’t much of a concern to CloudFlare customers.

CloudFlare’s network has defended against sustained attacks of more than 400 Gb/s and can get affected sites back online within minutes.

What’s more, CloudFlare powers more than a third of managed DNS domains and serves 43 billion DNS queries per day, making it one of the largest authoritative DNS networks in the world.

New for 2016: IPv6, HTTP2, WordPress Plugin, & Universal SSL Updates

As technology and security threats change, so do CloudFlare’s offerings. Here are some of the company’s newest products and initiatives this year:

Speeding Up a Growing Internet with IPv6, HTTP2, & Server Push

One of the fastest-growing providers of IPv6 connectivity, CloudFlare has helped nearly one million websites join the modern communications protocol.

The company had been offering IPv6 support and a gateway since 2012, but the company recently enabled IPv6 support by default for all customers, making the transition as smooth and painless as possible.

HTTP2 and Server Push limit the number of HTTP requests, drastically speeding up page loads.

Also new this year is Server Push, a feature of HTTP2 that allows a server or edge network to send resources to a web browser preemptively. A more efficient equivalent to inline assets, HTTP2 and Server Push minimize the number of HTTP requests and allow multiple assets to be cached independently.

Adopting HTTP2 alone speeds up your website dramatically — a demo on CloudFlare’s website showed that HTTP2 was able to load an image nearly 11 times faster than HTTP1.1.

New WordPress Plugin Means 1-Click Optimization & Security

In another effort not to overwhelm site owners with security and performance metrics, CloudFlare developers packaged the best WordPress-specific settings and features into a plugin that users can activate in just one click.

“You don’t have to think that much more about it at all,” Rahul said, adding that more advanced users will be able to access additional features and services if they’d like. “What that plugin is doing is really encapsulating all of CloudFlare’s benefits in one very-easy-to-use interface for site owners who may not want to think as much about the complex details.”

Due out any minute now, the new CloudFlare plugin will automatically purge CloudFlare and WordPress caches after successful website updates.

Web Application Firewall Boosts Security Without Slowing Down Your Site

As another layer of security for platforms such as WordPress or CoreCommerce, CloudFlare built their web application firewall (WAF) with built-in rulesets tailored to mitigate attacks specific to individual CMS vulnerabilities. While the WAF protects against overall security threats such as SQL injection, comment spam, and cross-site scripting, it also takes the stress out of updating the CMS to a potentially unstable version.

“We’ll actually attach those rulesets before the upgraded CMS is out in the wild or when they’ve just been released,” Ashley said. “For customers worried about upgrading because of the big concern of it upsetting their CSS, they automatically get protection.”

CloudFlare’s web application firewall meets all security requirements for PCI compliance, the standard for accepting online credit card transactions. Tapping into the booming eCommerce market has been a major focus for CloudFlare, according to Ashley.

“PCI compliance is a great way for us to start conversations about security and performance, particularly as it relates to eCommerce,” he said.

CloudFlare enables SSL by default for all their users in an effort to build a more protected Internet.

As part of their Universal SSL effort to encrypt as much web traffic as possible to prevent data theft, CloudFlare enables SSL by default for all customers — including those on the free plan.

“People are just used to seeing the lock icons and https in their browser bars,” Rahul said. “For their customers to trust them, they need SSL.”

CloudFlare is Committed to Creating a Stronger, More Secure Internet

Since launching in 2010, CloudFlare Co-Founders Matthew Prince, Lee Holloway, and Michelle Zatlyn have grown the company to more than 300 employees in six office locations. Currently located in San Francisco, CA; Austin, TX; London, UK; Champaign, IL; Washington, DC; and Singapore, Ashley said the company is looking to open additional offices later this year.

CloudFlare employs a team heavy with engineers and developers to keep up with the technical nature of the company’s products and the problems they’re looking to solve.

At the end of the day, however, Rahul said that all the complexity and technology boils down to CloudFlare’s mission: Build a better Internet.

“Everything we do ties into that mission,” he said. “Our Co-Founders and CEO are extremely passionate about that, and it trickles down throughout the organization.”

Questions or Comments? Ask Laura!

Ask a question and Laura will respond to you. We strive to provide the best advice on the net and we are here to help you in any way we can.

Was this helpful? Tell Us Thanks.

Like this article on Facebook

Tweet this article on Twitter

Share this article on Google+

About the Author

Laura Bernheim

Laura Bernheim has spent more than 12 years crafting engaging and award-winning articles that share the passion behind organizations' products, people, and innovations. As a Managing Editor for HostingAdvice, she combines a reputation for producing quality content with rich technical expertise to show experienced developers how to capitalize on emerging technologies and find better ways to work with established platforms. A professional journalist, Laura has contributed to The New York Times, Sports Illustrated, the Sun Sentinel, and the world's top hosting providers. In addition to conducting interviews with industry leaders, Laura drives internal writing and design teams to deliver stellar, timely content that clearly explains even the most difficult concepts.

Disclaimer: Great efforts are made to maintain reliable data on all offers presented. However, this data is provided without warranty. Users should always check the offer provider’s official website for current terms and details. Our site receives compensation from many of the offers listed on the site. Along with key review factors, this compensation may impact how and where products appear across the site (including, for example, the order in which they appear). Our site does not include the entire universe of available offers. Editorial opinions expressed on the site are strictly our own and are not provided, endorsed, or approved by advertisers.